SHARP Project

Sharp Project

The SHARP project is in the specification and prototyping phase of building a platform for devices that are part of a voting system, including but not limited to voting devices. Specification work is focused on providing definition and details for the prototyping efforts.

We've made available a build that's available both as source and as a live-CD demo system. It's the work-in-progress results of development that's underway.

SHARP Goal: Common Basis for Assurance

The main idea behind SHARP is that most types of electronic election equipment share a fairly simple set of requirements for the platform that they run on (and OS and common services implemented on the OS). Current SHARP efforts are oriented to proof of the concept that it is quite feasible to build a high-assurance platform that meets all of these requirements, and that is a sufficient platform for all of the components of OASES, the OSDV election system. An important goal is to show that such a platform can exist in order to "factor out" the majority of issues about system integrity, software assurance, verifiable operation, feasible software assessment, system certification, so forth -- all the common areas where many currently used systems are opaque or seemingly burdensome to assess, and as a result suffer from having no basis for trust.

Other OSDV projects, including some that can run in parallel, will test the SHARP system definition by using a SHARP prototype as the basis for a reference implementation of a component of an election system. For example, the SCAN project will combine SHARP with open source software for a paper ballot optical scanning function that is already available for public use. Each of these reference implementations should demonstrate not only that the SHARP system specification is feasible to implement, but also that SHARP-based systems are very feasible to assess for integrity, assurance, verifiability and so forth.

These system properties are essential as the basis for trust in any component of an election system composed of trustworthy devices that are high assurance and high integrity. Therefore, SHARP efforts are critical to demonstrate the feasibility of building trustworthy technology for elections.

SHARP Project Status

The first draft specification document for SHARP is in progress. Most of the important aspects of SHARP are informally described in the Open Toaster Architecture. The SHARP system architecture is documented as part of the OSDV Technical Architecture.

The P2 release of SHARP is availble (see below), with several areas of work as next steps. Detailed status and tasks are provided in the SHARP Project Status and Tasks.

SHARP P2 Release

The SHARP P2 release is now available for download.

Download

The download is in two forms. Firstly, a demonstration system is available as a a LiveCD system image that you can download as an ISO file, and either run as a VM, or burn to a boot disk, and use the disk to run the demo system on your standard PC hardware. Secondly, the hardy and adventurous can download the source to build the ISO yourself, and consider how you might get involved in the next phase of work.

Demonstration

So just what is this release, and what does it demonstrate?

Well, the P2 release represents some large steps towards SHARP, the OS platform for all of devices that comprise the OSDV voting system. The goal is a minimal OS along with other components, mainly a minimized python execution environment.

The P2 release consists of parts of a standard Linux distribution, with other parts removed as part of "minimization" efforts. Minimization means, ideally, only include the OS code that you need in order to support a fixed set of application software. In the case of SHARP, the fixed set of application software a python environment and some python application software. In SHARP P2, a large proportion of user-space was removed, leaving only the python code that is needed to run the sample application. In addition, the kernel build eliminated all but the most basic file-system.

The sample application is pvote, which is the work of Ka-Ping Yee, who demonstrated that a substantially complete voting device could be implemented in less than 500 lines of python, running on a suitable platform of python and Linux. (Actually, Ping demonstrated a whole lot more in his thesis work of which pvote software was only a part.)

Pvote thus comprises a great worked example of the application layer, the needs of which define how much "minimization" can be done. Pvote also provides a very nice demo. You pop in the boot disk containing the LiveCD image we've built, boot your PC hardware from the boot disk, and you get a voting machine that steps you through a sample ballot for you to vote.

What does this prove? A balloting device is one of the two most complex of the several components of real voting systems. So, we can demonstrate that a credible implementation of this component can be done as a small body of code (thanks to Ping) that can run on a platform that can be significantly minimized. If we can do that for a complicated component, then the other simpler ones are feasible as well.

Next Steps, and Help Wanted

Another purpose of the P2 release is to show what else needs to be done. Here is a short list of ongoing work, for which we're recruiting!

• There is a set of Linux-related tasks for more minimization (e.g. remove network stack) and build automation.
• Minimization work also includes the task of minimizing the python environment (e.g., removing the 99% of library code that isn't needed by pvote).
• There is a python application programming task, to enhance the pvote demo, especially with printer support, so that the demo supports paper ballots.

And there's more, but these are the main focuses of on-going work. There is room for many hands!